AVG-2029 log

Package vault
Status Fixed
Severity Medium
Type authentication bypass
Affected 1.7.1-2
Fixed 1.7.2-1
Current 1.9.0-1 [community-testing]
1.7.3-1 [community]
Ticket None
Created Thu Jun 3 12:26:34 2021
Issue Severity Remote Type Description
CVE-2021-32923 Medium Yes Authentication bypass
HashiCorp Vault before version 1.7.2 allowed the renewal of nearly- expired token leases and dynamic secret leases (specifically, those within 1 second of...